pkce_not_created: The PKCE code challenge and verifier could not be generated

asked 2022-06-26T01:52:27.827+00:00
Ivan 6 Reputation points

I use masl[@azure/msal-browser] to achieve user login, it can be successful when I use localhost to access, , but the following error occurs when using IP or domain

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,544 questions
{count} votes

1 answer

Sort by: Most helpful
  1. answered 2022-08-23T13:02:14.463+00:00
    Thomas Carlsen (Delegate) 1 Reputation point

    Hi :) I just got the same error when using MSAL.js

    We had a web app (SPA) used as an Iframe two places but only one of the places throw back the error above - which was strange I though.

    I then tried to make the auth code flow without MSAL as a fix, but still auth didn't work!? :O

    The issue was that I was using the browser's default digest function window.crypto.subtle.digest but window.crypto.subtle was undefined.

    I later figured out that window.crypto.subtle.digest is only provided in a "secure context" (

    Even though we used https the object was undefined. So I suspect MSAL to also using window.crypto.subtle.digest (because it is a browser default feature) and is why it didn't work.

    As a fix I did the auth code flow manually but used this module for creating the digest: js-sha256